Need help in configuring Certificate based authentication on Freeradius

i successfully authenticate client with eap-peap but with eap-tls i got

error 20 at 0 depth lookup: unable to get local issuer certificate
(102) eap_tls: ERROR: Program returned code (2) and output 'error /tmp/radiusd/radiusd.client.XXKcOfEA: verification failed'
tls: Certificate CN (client) fails external verification!
(102) eap_tls: >>> send TLS 1.2  [length 0002] 
(102) eap_tls: ERROR: TLS Alert write:fatal:internal error
tls: TLS_accept: Error in error
(102) eap_tls: ERROR: Failed in __FUNCTION__ (SSL_read): error:1417C086:SSL routines:tls_process_client_certificate:certificate verify failed
(102) eap_tls: ERROR: System call (I/O) error (-1)
(102) eap_tls: ERROR: TLS receive handshake failed during operation
(102) eap_tls: ERROR: [eaptls process] = fail
(102) eap: ERROR: Failed continuing EAP TLS (13) session.  EAP sub-module failed

on client side (my home pc ) i have ca.pem and client.p12
i dont know where i'm doing mistake. Any help?

Are you using OpenWRT with your RADIUS implementation?

yes, openwrt latest branch